LAB-PKG-01 - Apt & Debian Package Management

Part A: The Field Guide

---

🎯 What & Why

If you are coming from Windows or macOS, you are used to going to a website, downloading an .exe or .dmg installer, and double-clicking it. This is considered highly insecure and chaotic in the Linux world.

Instead, Linux pioneered the “App Store” model decades before smartphones existed. Software is securely hosted in centralized Repositories managed by the creators of your specific Linux distribution (like Ubuntu or Debian).

To install software securely and resolve all its hidden dependencies automatically, you use a Package Manager. On Ubuntu, Debian, Mint, and Kali Linux, the supreme package manager is apt (Advanced Package Tool).

---

🧠 Mental Model: The Library Catalog

Think of a repository as a massive physical library of 50,000 books (programs). Your local Linux machine doesn’t have all the books. It only has the library catalog (an index of what books exist, what version they are, and what dependencies they need).

The golden rule of Package Management is a two-step dance:

1. Sync the Catalog (apt update): Call the library and ask, “Have any new books been released or updated since yesterday?” This updates your local index.
2. Borrow/Update the Books (apt install / apt upgrade): Now that your index knows about the new versions, you can actually tell it to download and install the software.

If you don’t sync the catalog first, your system might try to download a version that doesn’t exist anymore!

---

📖 Command Reference

The Two-Step Update Dance

Managing Individual Apps

Housekeeping

Over time, you install apps that pull in 10 dependencies. When you apt remove the app later, those 10 dependencies sit on your hard drive forever as “orphans”.

---

🌍 Real Scenarios

Scenario 1: Securing a brand new server You just booted a fresh Ubuntu server in AWS. The very first two commands you type, before you do anything else whatsoever, are sudo apt update and sudo apt upgrade -y. This ensures every known security vulnerability in the base OS is instantly patched before you put the server on the internet.

Scenario 2: “Where is my config file?” (dpkg) apt is just the friendly downloading interface. The underlying engine that actually touches the files is dpkg. You installed nginx via apt, but you don’t know where it put the config files. You ask dpkg to list every file the nginx package dropped onto your hard drive: dpkg -L nginx (This will output exact paths like /etc/nginx/nginx.conf).

---

⚠️ Gotchas & Pitfalls

1. apt vs apt-get If you read old tutorials (pre-2016), you will see apt-get install everywhere. apt is the modernized, colorful, user-friendly wrapper. They do the exact same thing under the hood. For interactive typing, use apt. If you are writing a cold automated bash script with zero human interaction, use apt-get.
2. The “Could not get lock” Error Sometimes you run sudo apt install htop and get a terrifying red error: E: Could not get lock /var/lib/dpkg/lock. Don’t panic. This just means another installer process (usually the auto-updater in the background) is currently using apt. Only one program can touch the database at a time to prevent corruption. Just wait 60 seconds and try again.

---

Part B: The Drill Deck

Terminal Required: Open a Debian/Ubuntu based Linux terminal to practice. (If you are on CentOS/RHEL, skip to the next lab: DNF).

---

G

Guided Step by step - type exactly this and compare the result

>

Exercise G1: The Two Step Dance

1. Check if your catalog is out of date. Run: sudo apt update
2. Look at the final line of output. It will tell you exactly how many packages “can be upgraded”.
3. Actually perform the upgrades by running: sudo apt upgrade
4. It will prompt you [Y/n]. Press Y and enter.

Exercise G2: Installing and Purging

1. Let’s install a classic command line web browser. Run: sudo apt install lynx
2. Test it works: lynx linux.org (Press q to quit).
3. Now, let’s remove it but leave its configs. Run: sudo apt remove lynx
4. Now, let’s pretend it was malware and we want it truly gone. Run: sudo apt purge lynx

Exercise G3: Cleaning the Orphans

1. Sometimes remove or purge leaves behind dependencies.
2. Tell apt to scan its database for useless orphans: sudo apt autoremove
3. If it finds any, it will ask if you want to delete them to save disk space.

S

Solo Task described, hints available - figure it out

>

Exercise S1: Silent Installations

You are writing a bash script to set up 50 servers. You can’t have apt stopping the script to ask Do you want to continue? [Y/n]. You need to force it to assume “Yes”.

1. Search the man apt page (or use --help) to find the flag that assumes “Yes” to all prompts.
2. Run a command to install the curl tool without it asking a single question.

Exercise S2: Finding the Source

You installed curl. But you want to know what version it is, who maintains it, and what its official website is. You don’t need to Google this! The package manager has the metadata. Run apt show curl to read the official dossier on the package.

M

Mission Real scenario - no hints, combine multiple skills

>

Mission M1: The Dependency Detective

You installed the git package earlier. You want to see exactly what physical files it placed on your hard drive. apt can’t easily do this, but its underlying engine dpkg can.

Your Mission: Use the dpkg -L command to list all files managed by the git package. However, it will spit out hundreds of files. Pipe the output into grep to filter down the list so it only displays files placed inside the bin directories (where executable binaries live).

Hint: your grep pattern should probably just be “bin/”.